General
-
Target
035c8defab303fbee534507561f3a2b89da8cc74810057aa3fe5374ccd49e3b2.bin
-
Size
208KB
-
Sample
240501-1yn2fsbc56
-
MD5
9dcac1cbdf75f82492bbe397bd4defb3
-
SHA1
030e8943585e88a2c602ecd3dd79668ccc425042
-
SHA256
035c8defab303fbee534507561f3a2b89da8cc74810057aa3fe5374ccd49e3b2
-
SHA512
c5df6d5e83730a0e7eb5a7a87f3c884f9076aea55ae02dc306c1e52fda1f9bd964516393c15ad1f0a0cfa9d111dae305858673513a74623e9afd84893b18d826
-
SSDEEP
6144:AZy81SuMmmvNtIy+e6m0CmOC3D4YTwXj1TYud29:AZy13dCm0d38YKCud29
Static task
static1
Behavioral task
behavioral1
Sample
035c8defab303fbee534507561f3a2b89da8cc74810057aa3fe5374ccd49e3b2.apk
Resource
android-33-x64-arm64-20240229-en
Malware Config
Extracted
xloader_apk
http://91.204.227.39:28844
Targets
Target
035c8defab303fbee534507561f3a2b89da8cc74810057aa3fe5374ccd49e3b2.bin
XLoader payload
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Acquires the wake lock
-